Found 4 bookmarks
Custom sorting
Leveraging DNS Tunneling for Tracking and Scanning
Leveraging DNS Tunneling for Tracking and Scanning
This article presents a case study on new applications of domain name system (DNS) tunneling we have found in the wild. These techniques expand beyond DNS tunneling only for command and control (C2) and virtual private network (VPN) purposes. Malicious actors occasionally employ DNS tunneling as a covert communications channel, because it can bypass conventional network firewalls. This allows C2 traffic and data exfiltration that can remain hidden from some traditional detection methods.
#unit42#EN#2024#DNS#Tunneling#Tracking#Scanning#research#analysis
·unit42.paloaltonetworks.com·
Leveraging DNS Tunneling for Tracking and Scanning
Muddled Libra’s Evolution to the Cloud
Muddled Libra’s Evolution to the Cloud
Unit 42 researchers have discovered that the Muddled Libra group now actively targets software-as-a-service (SaaS) applications and cloud service provider (CSP) environments. Organizations often store a variety of data in SaaS applications and use services from CSPs. The threat actors have begun attempting to leverage some of this data to assist with their attack progression, and to use for extortion when trying to monetize their work.
#unit42#EN#2024#paloaltonetworks#MuddledLibra#research#CSP#software-as-a-service
·unit42.paloaltonetworks.com·
Muddled Libra’s Evolution to the Cloud